JOURNAL OF SHANDONG UNIVERSITY (NATURAL SCIENCE), 2016, Vol. 51, Issue (5): 72-77. doi: 10.6040/j.issn.1671-9352.2.2015.253


Design and implementation of transparent key transmission based on SMM

ZHANG Kun1,2, ZHAO Bo1,2*, AN Yang3   

  1. Computer School, Wuhan University, Wuhan 430072, Hubei, China;
  2. Key Laboratory of Aerospace Information Security and Trusted Computing, Ministry of Education, Wuhan 430072, Hubei, China;
  3. Computer School, Wuhan University, Wuhan 430072, Hubei, China
  • Received: 2015-08-17 Online: 2016-05-20 Published: 2016-05-16

Abstract: The encryption key used in driver-layer encryption is usually stored on a USB peripheral device. During encryption, the key is transmitted to the driver layer over the USB interface. However, the USB channel is not sufficiently secure, so the key may be leaked in transit. To solve this problem, this paper proposes a secure key transmission scheme based on system management mode (SMM). The scheme takes advantage of the fact that SMM is invisible to the operating system. Experimental results indicate that it can effectively resist attacks on the USB channel, guarantee the security of the key during transmission, and significantly enhance the security of the encryption key in the driver layer.

Key words: secure key transmission, driver layer encryption, USB channel, SMM

CLC Number: TP309